Thanks For Ruining A Good Thing, Or TRYING To!

It seems that there has been some shenanigans happening with the OSHW logo voting page as some are using scripts to game the system for their favorite design. Why? Who knows…  How? Well one of the advocates of OSHW [Bill Porter] set about figuring that out, and things should be patched up now, though that still leaves 3,122 faulty votes to weed out on the final day (April 5th).

While it is hard to imagine how someone would be so attached to a logo to write a script just to game votes,  its not that surprising considering that we can be a pretty outgoing bunch when it comes to certain topics. Organizers are asking if you’re one of the listed IP addresses, and had good intentions to fess up, and tell which logo(s) you voted for to make the process easier. If not, well, “this is not going to stop everyone’s good efforts.”

If you’re just now getting wind of the OSHW logo voting check out our previous article highlighting this event, and to get more details.

44 thoughts on “Thanks For Ruining A Good Thing, Or TRYING To!

  1. @Gdogg

    NO! Now that you’ve expressed a strong opinion, I’ve developed a strong opinion! The copyleft chip is the best (left margin on the bottom), and I feel so strongly that I’m going to set my bot army to vote for it a million times!

  2. Wah wah wah …

    An article bitching and moaning about someone flexing their brain. Wow.

    Nice job on NOT coding that vote system very well at all. That was really well thought out.

    I suppose whomever coded this should take up a job with MySQL (whose system was taken down by a SQL injection attack).

    Well done.

  3. @hpux735

    The problem with the Copyleft logo is that if you turn it upside down (as will happen often on PCBs) it’s a copyright symbol.

    That, and it’s electronics focused. OHW should be broader than just electronics.

  4. Frankly I’d be surprised if no one had altered the vote with scripts. Common people, we’re on hack a day… you almost assume the vote would come down to who could best bend the rules in their favor.

  5. Maybe they should concentrate on figuring out exactly what their name is first. Is it “Open Source Hardware”? or is it “Open Hardware”…cause right now no one knows.

    Oh, and would it kill you to include a commercial license in it? No, no it wouldn’t. A few of us would like to make a few bucks on our hard work someday. Sharing is great and all, we all do it, and I’m glad the companies involved in writing the OSHW definition are now raking in millions of bucks. But what about the little guy just starting out? You want to steal our designs now too? /rant

  6. Allowing anybody to vote 3000+ times from a single IP speaks more to the poll being broken and poorly designed. True, some blame rests on the ones trying to game the system (for an open source logo?!?) but if the system rejected the 10th or even 30th vote from the same IP, this would never have happened in the first place. Yes, I know many corporations and organizations have a single IP and a LAN behind it so don’t make it 1 IP = 1 vote. Yes, people can still get around it but at least don’t make it so trivial that a maker can spend 2 minutes writing a macro to enter thousands of times.

  7. Interesting news, but such a petty action for anyone not counting the votes to spend much time on.

    @ Bill D. Williams; the answer to your dilemma is simple, simply don’t release any work of yours under any open license. However that’s not going to prevent any of the big guys making use of any original idea you may have, and you use it in a for profit enterprise. Many years ago one of the general interest Electronic hobbyists magazines had an article of steps to take to protect yourself in the event a larger cooperation tries to lay claim to an idea of yours. The small guy gets the short end of the stick, if does come down to a battle.

  8. One word:
    Captcha

    This is a ridiculous post HaD and because of it, I am temped to make a script where all visitors to my webpage inadvertently cast a vote to support my favorite. Let’s see you track that. ;)

  9. A surprising number seem to be a variation on “faulty gear” — is open hardware meant to be defective, then?

    I’m still of mixed feelings about this whole thing, it seems like a credit grab for marketing purposes by a few parties which doesn’t contribute anything useful to the broader community.

  10. It’s a really flawed survey regardless, because it’s being conducted in English on a page hosted in English.

    The copyleft chip logo is doubly broken. First, as you guys said, it can easily be inverted. Worst, however, is it is entirely an English language glyph. Copy “left” is a pun on copy “right”, where “right” is homonym for both “opposite of left” and “freedom”. Puns don’t translate well.

    To a French or Spanish speaker, at best it doesn’t make much sense, but will more likely be seen as yet another Americanism being shoved down their throats. We’ve learned that a truly international logo should avoid any hint of language. The gear with no writing meets that goal, as do several of the various key logos.

  11. No matter which one gets voted in, I’m going with “Golden Orb”, the blue gear with the missing notch. It’s in the top 3 of the vote, not adjusting for the voter fraud, and I personally think it is the best out of the logos presented. It is similar to the Open Software logo and it is not too terribly detailed, and is thus easy to either silk screen or hand etch.

  12. Great,
    Now I know what sort of a community I follow here, full of total cocks who think just cos the site is coded poorly they somehow have a right to abuse the whole system.
    The whole “oh Im part of the ‘hacking community’, its expected of us” just doesnt fly-so much for the site coder thinking he was part of a trustworthy community.
    A lot of you sound like those online gamers who fool themselves into believing using wallhacks and aimbots is perfectly legit just cos the tools to do so are there – the game shd have been coded better. Yeah right!
    So what if its coded badly, some cockhead cheated, plain n simple. Some of you had better reacquaint yourslves with the real meaning in a dictionary, not only the definition, but also the type of person of somebody who feels ok to cheat.
    If I were the organiser I’d pull the whole logo event, redo the site to put up a huge ‘dirty cheaters’ banner, and get everybody to re-vote, citing the cheaters as the reason. Then if it happens again, pull it again.
    Just despicable.

  13. Have to agree with some of the above comments, most of the designs are rubbish and is it “Open Hardware” or “Open Source Hardware”? they can’t even make their mind up about that.

  14. Are the OSHW really legit? They’re using a shitty free poll website (micropoll.com), never had the sense to turn on IP address checking and then put out a whiney post when people abuse it. What a bunch of kids.

  15. @Spork how would you make such a script? It would be easy if the poll used GET, but it uses POST. And I’m pretty sure anti-XSS security would prevent you from automating to the POST to a different URL. So how would you do it?

  16. Olivier, the protection is built into browsers, ie preventing the use of javascript to automatically POST data to a domain other than the one you’re currently viewing. So it’s not dependent on the poll makers :)

  17. huh? I think someone needs to grow up a “little”…

    If one was to create a PCB for a harsh environment and failed to pot/protect said board, is it the environment’s fault the board fails or the bell-end who put an unprotected item in the known harsh environment?

    BAD environment – take yourself outside and give yourself a spanking!

  18. i could use work to find out from thier last ip and times, but to be fair they kinda did hack the system to there advantage, ihave to give them a thumbs up for that, hacking things is not a bad thing, not that i condone or endorse illegal activity

  19. “While it is hard to imagine how someone would be so attached to a logo to write a script just to game votes, its not that surprising considering that we can be a pretty outgoing bunch when it comes to certain topics.”

    Yeah because this is the only community on the internet..just doesn’t make sense.

    Someone is bringing gated-community consciousness to blogging ^^

  20. I know what would have stopped this attack. A sudden switch to a captcha test, followed by email pin verification, followed by phone verification, and finally an error page once they finally vote to make them think their vote is lost and they must start over again, but the same credentials will not be allowed again.

    Or you could just pick the logo out of a hat and be done with this foolishness.

  21. manual captcha+xmlhttprequest+proxies=”gamed”
    manual captcha+http forged packets+proxies=”gamed”

    I also find it humorous in today’s industry how people who are clueless about technology get ‘caught out’ while employed under vital roles..

    I could bot this in minutes with email verification+captcha+hidden fields+jscript-keygen,actionscript-keygen and their ‘experts’ wouldn’t see anything in Apache or IIS logs..of course money talks and bullshit works for IT companies xd

  22. Why? because they can and nothing in their life has taught them they shouldn’t. Accept it, this is the world we live in. In a group as large as this you are going to get a few.

    Why don’t we just re-vote in a more secure way?

  23. Ok, you got me. I confess, I was the one that hacked the vote. All my votes went to the copyleft chip logo. Now, please remove 3000 votes from that logo so that the one I actually DO like has a better chance of winning. ;-)

    (Seriously though, even if the person steps forward, how can you ever trust them to tell you the truth about which logo they voted for?)

  24. LOL.. good point, Mariano.

    Somehow requiring a specific logo to be on a PCB in order to officially define it as “open” hardware makes it feel a lot less… open.

  25. @Dosbomber: clubhouse-rules is a popular social phenomenon both online and offline.

    I just hope they pay the professional who was surprised by this a lot of money..xD

  26. I can understand their expectation that in this case the people interested would be the type of person who would forgo being an ass and messing up the system.
    As for the arguments in favour, if I bash your head in is it your own fault for not wearing a hardhat? There’s such a thing as civilised behavior and we all rely on it, including those brave guys who think it’s normal to abuse anything and everything.

  27. anyone ever hear of greasemonkey?
    it can automate NEOPETS and modify a site in nearly any way so the votes wouldnt even be coming from a different domain or referer(this is a fun tag to play with….some sites used to have their members section ONLY protected by referer so you didnt even need to login, just tell the members section you’re coming from the login page and you instantly got pay naked girls for free

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.